Digital and non-digital forensics for cybercrime
Victimology on cybercrime
Economics of cybercrime
New research on specific forms of cybercrime and harm such as online frauds, romance scams, phishing, DDoS attacks, malware, online child sexual abuse and online pornography, cyber bullying and hate speech, fake news
The use of new technologies (e.g. cryptocurrencies) in cybercrime and their impacts on crime investigations and prevention
The use of financial agents (i.e., money mules) in cybercrime
The role of online social networks in cybercrime
Cyber elements in traditional material crime e.g. terrorism
New challenges and solutions to cybercrime in cyber-physical-social worlds
Better understanding of behaviours of victims and criminals in cybercrime
Cybercrime prevention mechanisms such as cyber security education, better tools and policies
Critical national infrastructure protection against cybercrime

Internet and its technical elements have a double impact on the human activity: simultaneously they increase the possibility of destructive behaviour and the damage they cause; also permit and encourage the freedom of expression, organization and share of knowledge. Internet also amplifies human vices and virtues. Since at the very beginning, is strongly supported the idea of the freedom of information and of the freedom of expression on the cyber space. At the same time the impact of internet on other civil freedoms is neglected. Internet has reflected the inequality between these rights, which already existed online. Reasons of the increase of offences of discriminative nature, or with the scope of the encouragement of hatred (cyber hate) may be summarized as follows:

Anonymity

Anonymity often brings into light the worst human characteristics, for this reason many of the computer criminal offences happen under the veil of perceived anonymity. The absence of identification often is perceived as if it is accompanied by the absence of rules and irresponsibility in relation with the online activity.

The division between the physical person and the online personality causes a separation from ethics, moral and legal norms. Cyberspace after brings even the perception that is the discussion on computer data and not on concrete persons, so the committed actions are perceived as not having consequences.

Crowd culture

Anonymity is the encouragement for the creation of crowds, which are easily created online, simply through internet connection. If in the past, the geographical factor and the cost for the physical unification of persons prevented the creation of different groups, the mobilizing ability of Internet has caused the creation of groups, which would not have been created in normal conditions. Persons have more the tendency to be united in groups, if their identity is not recognizable, by expressing the opinions freely (example: Ku Klux Klan).

Polarization and the pushing into extreme is noticed in these crowds, since similar opinions create the idea of echo and encourage self-belief on the committed actions. With intention of the discernment within the group or likeness from other members, frequently individuals exaggerate their opinions and actions, by going towards radicalization.

Information sharing

Daily activity brings the request for information, which often is not based on concrete data. In a certain point, people do not pay attention to their opinion, but to what others say, by sharing the information, regardless of being fake or not complete. The cycle is repeated, by creating the so called “waterfall “of information, which is difficult to discontinue. Example: social networks which recommend liked posts from other friends. Search engines increase the cycle by ranking firstly the most shared information, or by suggesting researches made by other users (Google auto complete).

Actually there is no standard definition on the term “cyber hate” or a description of what actions (or lack of actions) are included in this offence – cyber hate.

The early public attention on this topic was actually born on the Internet in the form of an online page called “Guide for groups of hate on the Internet”, created by the researcher David Goldman of Harvard University, in 1995. This web page, which served for monitoring the internet, later changed its name in “Hate Watch”. In this page there was an early definition of the subjects who created communities on the Internet with the intention of the promotion of hatred: “organizations or individuals who promote violence or unreasonable aggressiveness to persons or organizations identified by race, religious belief, ethnic origin, sexual orientation, gender or incapability”. This definition also involved organizations or individuals who intentionally share incorrect historical information on these individuals or organisms. Meanwhile, the Internet was starting to adopt a globalization of these groups, who detached themselves from geographical boundaries or national concepts, creating virtual communities by sharing their ideology and their principles. However, cyber hate is presented in two distinctive forms: in the pure ideological form and in the personal concept – towards a person for quite individual motives. In the actual doctrine is accepted that the concept of cyber hate, in contrast from the individual forms of hatred (persecution, sexual harassment and bullying which will be treated below) includes actions on wider grounds, which target certain groups, on the base of the above mentioned concrete criteria, but is not limited only in these motives.

Cyber hate

The Council of Europe has adopted the only international legal instrument in this field – the Additional Protocol to the Convention on Cybercrime. The given definition on callings of hatred nature includes all the forms of expression, which share, encourage, promote or justify race hatred, xenophobia, anti-Semitism or every other form of hatred based on intolerance including aggressive nationalism, ethnocentrism, discrimination and hostility of minorities, emigrants or persons of foreign origin.

The creation of a unified standard definition, either for the best implementation of the legislative measures or regarding legal studies and discussions, and further more; must answer the question: what is cybercrime and above all: which are the motives behind this offence.

The typical characteristics of the cyber hate groups are the same as the traditional ideological groups, following the same ideological basis. These groups are presented as communities distanced from the rest of the society, because of the covert information or discoveries unrecognized from the others; which in turn are considered oppressed from the obligatory norms of the society. By being positioned as distanced from the society, divided by the mass, bearing in mind the principle “we against them”, frequently aggressive actions are considered as self-defence to prevent the assimilation by the society. These groups keep functioning by creating a unique discernible identity, by constructing a certain image and by justifying extreme actions with outside provocations or external stalking.

The core action of these groups is the sharing of information (incorrect or misrepresentation), their extremist points of view and key ideological messages. The Internet provides the outlet for the information sharing and the reduction of logistical and financial costs. Many of messages are directed to the other social groups, in order to collect supporters, especially easily vulnerable individuals or groups. A number of messages are transmitted indirectly, hidden by images, sounds, or not easily discernible ideological forms, aiming to avoid censorship till they reach the target. This recruiting function is considered as one of the fundamental functions of these groups, who through these inwards focused messages, intend to consolidate a collective conscience.

In difference from the above mentioned groups, who act in a wider scale and have an authentic organization, the new element of the internet and recently, of the social media has caused the formation of a number of actions directed against a certain individual, where the author may not have a certain motivation, a reason or a benefit from it.

Within the society, there have always been persons of negative or aggressive tendencies, who are presented in certain moments and are justified with different motives such as: jealousy, ambition, and complex of inferiority or simply the absence of social norms. In the past, this behaviour: the attacks, the aggressiveness, or the stalking was physically expressed, bringing serious consequences; on the other side this physical nature of confrontation, caused many individuals to hold back and not reflected their negative side, because of a number of inhibitory factors. With the development of the Internet, is not important to be physically strong or quick, is enough to possess a computer system and the desire to attack. The epidemic of this online attack, masked by a veil of anonymity, has given the opportunity to each individual to express every kind of negative emotion, without any consequences.

The expression of this hate on the Internet has different forms, but the most widespread categories are trolling and cyber bullying. Cyber bullying, in cases when happens among adults (over 18) will be considered cyber harassment or cyber stalking. Because of the peculiarity of the subject (minors under 18) the second part of the material will be concentrated on cyber bullying, although we are presenting other forms of cyber hate.

Trolling(interference for amusement)

In the academic literature is considered as a “delusive, intercessory and destructive action in social groups on the internet, without any obvious scope or motive”, in spite of the perverse pleasure of the individual (which is defined as “troll”). In practice, this term is made a part of the slang of this century, being used for every type of interference from unidentified persons. On the Internet a “troll” means a person who encourages discussions and conflict on the internet, by starting debates or by annoying individuals, through absurd comments, out of theme or simply of provoking nature within a group or on line community. The aim of the post is to encourage the readers in an emotional answer or merely create an interruption of the normal discussion, simply for personal amusement.

The etymological origin of this term dates in years 1980, deriving from the Scandinavian folk legends, where a troll was a kind of ugly, asocial giant, who hampered the journey of the travellers.

“Trolling” as a verb, initially meant a fishing technique and as an idiom was used by the American army during the Vietnam War. The verb usage in the context of the virtual communication means a technique initially used to track young people or non-members of a certain circle or community.

Nowadays the figure of troll is equalized with online harassment, although in spite of usage in the bad sense of the word, often a troll serves to bring into light weak points of a discussion, or the encouragement of critical sense.

Online trolling is also considered as a demonstration of deviant behaviours of certain individuals, who profit pleasure by annoying others. Although this term is widely spread and it is an integral part of internet, a very few studies are done, maybe this is because of the absence of a correct definition, or because the concept is still in the process of development. Initially, online trolling was distanced from other illegal or unruly behaviours, because there was no motive or specific intent behind it, simply individual pleasure – actually considered an absurd definition because the lack of intention becomes an intention in itself. Even inside the sub culture of trolls there are some distinct categories: like those directed against public or political figures, by making ironical or humorous comments, trolls which are involved in social groups without an evident intention, etc.

The trolls create some issues which influence the online community in several ways:

They spread false or injurious advice, counsel and opinions, by doing so damaging the trust within the online community

They damage the open debates, created to support certain social groups or dealing with public sensitive causes.

Certain sponsors use trolls to spread information, to manipulate the public opinion or to damage their opposing groups for political, economic or social reasons.

Persons, who are not familiar with this technique, may find themselves in difficult situations, so often the best advice is ignoring the comment, or the situation will become worse. The basic principle of communication in such cases remains: “Do not feed the trolls![2]”

Cyber stalking and cyber harassment

Like all the other actions created and promoted from the technology of information, cyber stalking does not have a single and unified definition.

One of the common definitions is: the usage of the technology of information, with the intention of the stalking of an individual, group or organization. There may be several actions, which are perfectly legal individually or in themselves, but performed jointly, repeatedly and undesired by the victim, cause interference and interruption of the victim’s normal. The main characteristic of cyber stalking is the direct or indirect threat of physical violence by the author of the offence.

Two are the main encountered forms of cyber stalking: a) the private dimension, where the actions are directed through the direct communication with the victim by private channels of electronic communication, such as e-mail, private messages in social net logs, etc.; b)the public dimension (the Internet), where actions are published in public spaces on the internet, as threatening, insulting posts, or calumny on the victim. A form of public stalking is even the encouragement of third persons to commit the same actions on the victim, or to behave and act by being presented as the victim himself.

Another categorization of cyber stalking is done by classifying it in three different categories: direct communication, indirect communication, which consists on online posts; and the online bad presentation, where the author acts (takes the victim’s identity) like the victim. The third form consists on some actions committed by the author, which bring as consequence the influence over the victim, concretely:

Posting online the victim’s personal data, by encouraging third persons to contact with the victim, an action known in the internet slang as doxing[3]- search and online sharing of identifiable personal data.

Posting the victim’s photos or videos in the pornographic websites, asking for and encouraging real sexual contacts from strangers (also known as revenge porn).

Ordering and buying online by using the victim’s name and address, mainly products of sexual nature.

Cyber stalking is often accompanied by other computer or non-computer actions such as: identity theft[4], insult, defamation, other behaviours which destroy public order, financial criminal offences, etc.

Cyber stalking can be also committed by collecting the information about the victim or his/her relatives, with the intent to psychologically control, intimidate or influence the victim to perform certain actions.

Cyber stalking often is combined or accompanied by stalking in the real life (offline), being interpreted as a form of the traditional stalking, which is transformed in a new and popular form by the technological development; but on the other side there are some actions of cyber stalking which consist in quite new behaviours deviating from social norms.

The resemblance between the two forms of stalking is frequently supported by the fact that often actions of stalking/harassment easily may pass the limit amid virtual existence and real existence. The author may face the victim and may commit penal offences, or may accompany the cyber activity with the encouragement of the thirds for physical contacts. So the limit between the psychological or verbal violence (typical for online actions) and that real physical one may be unclear or inexistent.

Stalking always has been a gender-based action. The majority of the authors are men and the majority of the victims are women. This low number is also influenced by the fact that men are less inclined to report the offences to the law enforcement authorities. The author- victim relation can be classified in three categories: a) stalking from strangers; b) stalking from familiar persons; and c) stalking from ex-partners. However in cases of the encouragement of third persons, we are faced with the situation when the stalking offence is converted in a “team sport”

In the Albanian legislation, the criminal offence of “Stalking” was added like the article 121/a[5] in the Criminal Code by the law no. 23/2012. This article does not envisage specifically cyber stalking, but unlike the provision of the sexual harassment offence, has defined this criminal offence as consisting only in physical actions. This interpretation of the article as related only to physical actions is observed in the judicial analysis of the article provision and the elements of the criminal offence by the court sentences in criminal trial proceedings, namely[6]:

“Regarding the article 121/a of the Penal Code, for the figure of the criminal offence of “Stalking” to be considered as committed, it should fulfil these conditions on the objective side: i) the actions must be repeated; ii) these actions must be considered harassing or threatening to the subject; and iii) these actions are done to cause to the person a permanent and serious situation of anguish or fear for the personal security, of a relative or of a person, with whom he has spiritual relation, or to force him to change the manner of living. If these conditions are met then we are in front of stalking. On the other side is important to be underlined that, the person (the damaged one) and the defendant may be familiar or unfamiliar for each-other before the actions. One of the cases of stalking which is mostly seen in practice is when the person creates an obsession for another person even though has never had relations with him. If the victim, the damaged one, does not respond as he desires, than the defendant increases threats, and in some cases continues even with violence. The most frequent cases of stalking are seen in desired but not realized romantic stories because one of them does not agree for such a relation to take place. The Criminal legislation does not establish an exact number of threatening or harassing actions, necessary for this figure of criminal offence to exist. The Court considers that even a minimum of two episodes of threat or harassment, are sufficient on the condition that these acts may cause a continuous (which lasts) situation of anguish and fear so that may outrage the normal development of the daily life done by the victim. The “stalking” actions or behaviours may be: the creation of visual or physical repeated contacts, the undesired communications with the other person, verbal threats or writings or a combination of such behaviours, which cause anguish or fear for the personal security of the victim. (In at least two cases).The criminal law doctrine, classifies this as a material criminal offence because the derivation of socially dangerous consequences is essential for its existence. In this meaning, is necessary to be verified the existence of the motivational relation between threatening or harassing behaviours and consequences, the causation to the victim of a continuous and serious situation of anguish or fear. The manner of the commission of the offence, as an element of the objective side, specifies this figure of the criminal offence. So, when the action is committed by a masked person or is associated with the carriage and the usage of arms, it presents additional social dangerousness and the criminal law provides a higher conviction for the authors in these cases…”

In spite of the absence of the legal definition within this article, is observed that along with physical actions, on the majority of cases the defendants have accomplished actions in opposition with the law even through phone or internet.

Concretely in the sentence no. 587 date 28.02.2017 of the First Instance Court of Tirana[7] is observed that: “...itresults that the defendant from the date 10.03.2016, up to the date 13.05.2016, has committed 170 callings altogether in the direction of the victim, allocated in almost all the hours of day, from 06.00, up to 23.00-24.00....”

In another sentence of the First Instance Court of Tirana[8], the court notes that: “...Also thedefendant admits that he had created an account in the social network of Facebook in the name of the victim, through which has discovered her (the victim) relations with other persons during the period of their relationship together...”

The criminal proceedings in which the offences are committed through social sites (mainly through Facebook, as one of the most widespread social network) are frequent, as follows:

Sentence no. 1697 date 24.05.2016 of the First Instance Court of Tirana[9]: “...The defendant after the victim’s engagement has started to harass her by posting photos on Facebook social network, photos where they had been together. Also he has sent these photos to the victim’s fiancé. The victim, after the publication of these photos from the defendant, had conflicts with the fiancé...”

Sentence no. 1833 date 03.06.2016 of the First Instance Court of Tirana [10]: “..All the actions of the defendant, in the form of phone calls on the phone numbers of the victim, communications on the social site of “Facebook”,.... have had an obvious troubling, insulting nature and have created to the denunciator a serious situation of anguish and insecurity, is evidenced completely that meet objectively the elements of the figure of the criminal offence of “Stalking”, envisaged by the article 121/a/1 of the Penal C.”

In another case is there has been an online publication of the data of the victim, a typical behaviour of cyber stalking[11]: “In her declaration, the victim claims that: TodayI had a message from an unknown man on « Viber ». I asked him where he had found my number and he told me that he has found it on a Facebook account where it was publicly posted. I checked the account and it resulted that this account had written to me many times obscenities and banal messages and I had not deleted them…”

Along with the above mentioned cases, there are a number of sentences of the First Instance Court of Tirana, of the last year and of the first trimester of the year 2017, where the defendants along with the physical actions on the victim, have committed actions through phone[12], through social networks[13]; as well as through telephone accompanied by the usage of social networks[14]. In a single case, stalking is accomplished only through social websites[15].

In Albania the number of investigated, tried and convinced cases for this criminal offence is low. In the year 2016, there were 232 criminal offences recorded[16] for the article 121/a (all the three paragraphs of the article), where 108 persons where taken as defendants. From the above number, 105 criminal offences were sent to trial with 105 defendants; 93 of which were found guilty by and sentenced by the court.

Cyber stalking is considered as the most serious form of cyber harassment.

Cyber harassment, just like cyber stalking does not have a sole and unique definition. This offence is defined as the usage of the information of technology to trouble, control, manipulate or to despise constantly another user, without having a direct or indirect threatening for the usage of violence. In difference from the physical sexual harassment, developed with personal contact among two pairs, online harassment consists in verbal, sexual, emotional or social abuse, and the main aim is the exercise of the authority and of the control on the target victim. Cyber harassment may be classified in two main groups: harassment of sexual nature and other behaviour of threatening, abusing nature or in opposition with social norms. Cyber harassment of sexual nature is the most widespread and is classified in three major groups:

The gender-based harassment, which involves undesired and insulting verbal and graphical communication, aiming to transmit negative emotions to the victim because of her/his gender.

The undesired sexual attention, where the author uses the direct communication with the victim to transmit undesired messages of sexual nature. Also the author aims to achieve contact of sexual nature with the victim through verbal or graphic communication.

Inducement for sexual contact, by making psychological pressure on the victim, through threats on the victim and/ or the victim’s friends.

The wide dimension of these online actions has greater implications than the real life ones. The extension of the actions in a much wider audience and the impossibility to delete data/communications from cyberspace entails a number of negative consequences for victims. Along with physical, emotional and psychological stress, self-isolation and disjunction from communication (not only the electronic communication); the more extreme cases have even reached extreme lengths, up to causing the victim’s death.

In the Albanian legislation, the criminal offence of “Sexual harassment” was added as the article 108/a [17]of the Criminal Code by the law no. 144/2013. This offence even though envisages sexual harassment, in its definition in the article has envisaged that this offence may be accomplished through every means and form, by leaving the opportunity of the interpretation of this provision in cases of online sexual harassment. However yet there is not a specific definition as for cyber harassment, of general nature (not only of sexual nature).

In Albania the number of investigated, tried and convicted cases for this criminal offence, is quite low. Inn 2016, there were 42 criminal offences recorded[18] for the article 108/a (both paragraphs of the provision) where 32 persons were taken as defendants. From the above number, 30 criminal cases with 32 defendants were sent to trial; and the court has sentenced 31 as guilty.

Mainly the prosecuted and tried proceedings for this criminal offence are cases when the criminal offence is committed with physical actions, accompanied mostly with insulting words. From the search on the website of the First Instance Court of Tirana, there was only one proceeding, where the physical actions were accompanied with the usage of phone communication.[19]

Cyberbullying is one of the criminal offences which has found appropriate terrain on the cyber space.

Definition of cyberbullying

There is no standard definition of “cyberbullying” in the international level, although there are attempts to give such a definition from different academic institutions. A widely accepted definition is: “the intentional behaviour or aggressive actions, committed from a group or from an individual, by using means of electronic communication, in a repeated and continuous manner, aimed at the victim, who cannot protect himself.”

The European Commission envisages it as “the continuous verbal or psychological harassment committed from an individual or a group in the direction of another through online means or mobile phones”.

In the annual report of 2016, the Special Representative of the Secretary- General of the United Nations, in his declaration on the violence against minors described it as “an aggressive intentional action, committed by an individual or a group, by using electronic contact means, on the undefended victim”.

In spite of the absence of a unique definition, there are some elements which are considered as part of each attempt for definition: the repetition of the actions, the author’s intention, the inequality between the author and the victim; and the key element – the electronic means of communication.

Elements of cyber bullying, forms and consequences

According to the 8th Forum on the Rights of Minors of the European Commission, it results that this criminal offence is progressing in the last decade. The 2012 Norton Security Report evaluates that over 1 million of people in this world become victims of cybercrime daily, this includes cyberbullying. The EU Report Kids Online[1] of 2011 demonstrated that 6% of kids from 9-16 years old were victims of cyberbullying. Cyber bullying has increased from 7% in 2010 in 12 % in 2014, according to the EU Kids Online.

Cyber bullying has increased recently because of social networks and has taken different forms such as mocking, insults, threats, gossips, unpleasant/banal comments and defamation. Although there are traditional elements of bullying that are also present in cyberbullying cases: the victim, the author and the (non-participant) observant, the new technology has added some elements which are typical of cyber bullying:

The use of electronic/digital means, through which the actions are committed,

The intention of the author to damage, by committing unpleasant or troubling actions for the victim

The lack of proportionality of power, because the author has advantage over the victim, this last one cannot protect himself. However in some cases is discussed even the advantage of technological knowledge of the author compared with the victim. This evaluation should be interpreted case after case.

The repetition of the action, which means the opportunity for quick and massive sharing of harmful information, in one single action. The harmful content may be re-shared, reposted or liked from other individuals, by causing damage even in the absence of a second action by the author.

The feeling of anonymity and the lack of responsibility. The anonymity increases the negative perception of the action from the victim, by causing a sense of being powerless because of not being able to properly identify the origin of the assault. The anonymity encourages the commitment of the actions which persons often are not capable of doing face to face, by giving power even to the persons who are not able to bully in daily life.

The publicity, which refers to the possibility that the actions of the author may be accessible from a massive audience, which is increased exponentially.

In the education context, cyber bullying means every type of electronic communication, including, but not only, motivated by the existing or perceived race, colour, religion, origin, ethnicity, sexual orientation, physical, mental, emotional incapability or the incapability to learn, gender or gender identity; as well as each other personal characteristics, or based on the relation with such a person, if the written action, verbal, physical or through electronic communication intends:

Physical or property damage;

Substantial interference in the opportunity for education;

To be as serious, persistent or evasive as to create an intimidating or threatening environment.

Interruption of the normal educational activity.

It should be mentioned that, in addition of cyber bullying in schools, there has been a similar activity on web pages used from certain groups intending to damage opposing individuals or groups.

Cyber bullying is committed also through search engines, by using cascades of unverified information or “Google bomb”, where the information is accompanied by as much as possible similar links, to increase the popularity of posting, so that to evidence it as primary information during the search in Google.

The effects of cyber bullying differ, but these effects are more frequent in the adolescents than in the adults. Some of these effects include:

Psychological problems such as the reduction of the victim’s self-confidence, the increase of the suicidal tendency[2] and the increase of depressive or aggressive emotions. Frequently, these psychological problems are accompanied by physical changes.

Isolation from persons and social activities, because of the creation of a constant state of anguish.

The impossibility to leave or to be protected, because nowadays the technology is almost impossible to avoid, and also the victim cannot avoid an unknown author.

Cyber bullying cases and the role of the authorities

The incidents of cyber bullying are rarely treated by the criminal legislation and in the absence of the specific legal framework, these cases are treated within the existing legal framework: as cases of violence, offences of discriminating nature or cybercrime offences. Cyberbullying cases are not provided within the national legislation, for several reasons, but the most important one is that these cases are not treated as criminal offences:

Cyberbullying cases are often treated through preventive and awareness measures, rather than through repressive criminal measures.

Even when it is considered as criminal offence, frequently the author of cyberbullying cannot be prosecuted or convicted because of his age, which may be under the minimum legal age of criminal responsibility.

In most cases, cyberbullying is considered as a violation of disciplinary nature, and is accompanied by disciplinary measures by the education authorities.

The future objective is the analysis of the participation and usage effects of the technology of information and social sites from children, by respecting their rights on this cyber (virtual) space and at the same time developing parallel strategies to be protected from danger without limiting the technology profits

Because of the technology development, is important to enable equal and safe access on the Internet and social media for all children and minors, in spite of gender, social-economic state, geographic location, cultural context or incapability. Beside these measures about accessing the technology, there is the need to address potential dangers with which children may be confronted; as well as the analysis of the impact of the information technology in the children development.

In this aspect, all society actors: state, education institutions, family and civil association play a very important role, to assure that all the children may profit from their rights on the cyber environment. The capital differentiation among minors and adults is that adults use technology, while minors live in it. This difference of perception brings differences in the viewpoints related with possibilities and risks.

The protection of children might not be confused with the control or the restriction of the access on the internet. The adults frequently have the wrong perception on the behaviours of children online, by considering them in the viewpoint of the offering of protection, without considering the age of the child and his emotional and psychological state. Frequently weaknesses on the cyber space correspond to the personal weaknesses in the real life, for this reason it is important to educate children about online ethics.

Another important aspect is the right for private life and the publication of the child’s personal information. Quite often such a mistake comes from the parents themselves, who publish their children’s details, forgetting that childhood is the most delicate period of his life and the consequences of each digital “track” are irreversible.

Preventive legislation should be combined with the fight against criminal offences and the victim support. It is important to include, as part of the academic curricula, lessons about information technology, freedom of expression and the right for private life. Apart from the information and education, it is important to present information about the use of technology in illegal activities and cybercrime victims.

In the context of legislative changes, actually in cooperation with UNICEF, Albania has prepared a draft project of the Code of Justice for Children[1], which from November 2016 is presented for public consultation with different actors. The scope of this draft Code is the regulation of the position of children, not only in the procedural position of the author of a criminal offence, but in each case when the child is involved in a criminal proceeding. This project aims to adopt the system of justice with minors, by establishing the duty of the specialization of all professions of justice to treat cases. Also it aims the restriction of the omission of freedom, as the most extreme measure, by taking into consideration the highest interest of the child.

This legal act requires an integral revision of the criminal and procedural system in Albania in a multidisciplinary manner. The social and education services, the state police, the probation agency and prosecution offices should cooperate not only regarding the prevention, but also establishing appropriate measures about their rehabilitation in society.

[1] Adopted by law nr.37/2017, at the parliamentary session of March 30, 2017.

[1] A network of researchers created and financed by the European Commission.

[2] Many victims of cyberbullying have put an end to their lives, such as in the USA Megan Meier, who committed suicide because of cyberbullying in Myspace. Criminal case United States v. Lori Drew

[2] Term used on the internet (frequently accompanied by a photo) to ignore troll comments.

[3] The term derives from the abbreviation of the word “document”(engl.), used in computer operative systems like suffix “.dox”

[4] This is not a criminal offence envisaged from the penal legislation, in spite of its widespread in Albania, mainly on the social networks.

[5] The article 121/a “Stalking”: “Intimidation or harassment of a person through repetitive actions, with the intent to cause a state of constant and severe anxiety to or fear for personal safety, of a relative or person with whom that person has a spiritual connection, or to force him or her to change his or her way of living, shall be punished by imprisonment of six months to four years. Where that offence is committed by an ex-spouse, former cohabitant, or person who had a spiritual connection with the injured party, the punishment shall increase by (1/3) one third of the sentence imposed. Where that offence is committed against a minor, pregnant woman or person unable to defend himself or herself, and where it has been committed by a person in disguise or accompanied with the carrying or use of weapons, the punishment shall increase by one-half of the sentence imposed”.

[17] The Article 108/a “Sexual harassment”: “Commitment of actions of a sexual nature which infringe the dignity of a person, by any means or form, by creating a threatening, hostile, degrading, humiliating or offensive environment, shall constitute a criminal offence and is punishable with one to five years of imprisonment. When this offence is committed in complicity, against several persons, more than once, or against children, it shall be punishable by three to seven years of imprisonment."

Arizona, USA. This is the 12th annual eCrime conference, which brings together 200 of the world’s top security practitioners and researchers to explore solutions to Internet-mediated electronic crime.

APWG Secretary General Peter Cassidy said, “Electronic crime succeeds ultimately through access to conventional banking services, where criminals can pay each other, or can extract stolen funds from victims. The 2017 eCrime conference will focus on the ability of industry and law enforcement to preserve its capacity to observe, respond and manage cybercrime mediated through the virtual currencies that are becoming ubiquitously fungible,” Mr. Cassidy said.

The annual Symposium On Electronic Crime Research features Industrial and academic researchers who probe: phishing, spear-phishing, ransomware, crimeware, online scam schemes, bitcoin abuses, and the character of crimes against different cultures. The symposium is attended by security managers from financial services firms, Internet security companies, technology developers, email system administrators, forensic scientists, law enforcement personnel, legislators, inter-governmental organizations and scientists from many disciplines that transect in the study of cybercrime.

Many of the presentations will describe practical approaches at hand for the detection, investigation and suppression of cybercrime through advanced research techniques and technical approaches, as developed by expert professionals and academic investigators working at the dark, lonely edges of the cybercrime experience.

The APWG, an international affairs organization focused on global suppression of common and advanced cybercrimes, was founded in 2003 as the Anti-Phishing Working Group, is a global industry, law enforcement, and government coalition of more than 2,100 institutions working to unify the global response to electronic crime. Since 2004, the APWG has developed and curated one of the world’s largest NGO-managed clearinghouses of cybercrime event data enabling the sharing of this data to protect consumers and businesses alike. APWG’s directors, managers and research fellows advise and correspond with national governments; global governance bodies like the Organisation for Economic Co-operation and Development, International Telecommunications Union and ICANN; hemispheric and global trade groups; and multilateral treaty organizations such as the European Commission, the G8 High Technology Crime Subgroup, Council of Europe's Convention on Cybercrime, United Nations Office of Drugs and Crime, Organization for Security and Cooperation in Europe, Europol EC3 and the Organization of American States. APWG is a member of the steering group of the Commonwealth Cybercrime Initiative at the Commonwealth of Nations. Membership is open to qualified financial institutions, online retailers, ISPs and Telcos, the law enforcement community, solutions providers, multi-lateral treaty organizations, research centers, trade associations and government agencies.

Criminal justice authorities need to be able to secure electronic evidence, including on servers in the cloud, to protect society and individuals against crime online. The powers to obtain such evidence must to be subject to data protection and other safeguards. Proposals to move ahead are now available.

Offences against computer systems and data are increasing. They include the theft of hundreds of millions of users’ data, to computer intrusions and denial of service attacks against critical infrastructure, media, civil society or public institutions – including, at the end of November, the European Commission.

But few of these offences are ever reported to criminal justice authorities. Of these, only a very small number of cases are successfully prosecuted. The same applies to offences by means of computers, from fraud and other types of financial crime, to online child abuse, xenophobia, racism and other forms of hate speech contributing to radicalisation and violent extremism.

Computer systems also host evidence in relation to crimes: ransom emails in cases of kidnapping or extortion, data on deals between drug traffickers, on corrupt arrangements, on the grooming of children, or data on terrorists conspiring to carry out an attack. However, many investigations are abandoned because of lack of access to such evidence.

Governments have an obligation to protect society and individuals against crime, but when it comes to cyberspace, their ability to meet this obligation remains limited. Progress has been made in Europe and other regions in terms of policies, legislation and criminal justice capacities. But this progress is often overtaken by the sheer scale of cybercrime, the number of devices, users and victims involved, and technical hurdles such as encryption or anonymisers.

Obtaining electronic evidence for use in criminal proceedings is essential for the rule of law. As I wrote for Europe’s World last year, “the ability of governments to ensure the rule of law in cyberspace will remain limited unless they can overcome impediments to accessing data and thus electronic evidence for criminal justice purposes. No data means no evidence, no justice and thus no rule of law.”

The challenges to securing electronic evidence are compounded by cloud computing. While data may be stored on, moving between or fragmented over servers in foreign, multiple or unknown jurisdictions – or hidden under multiple layers of service providers in various jurisdictions – the powers of criminal justice authorities are restricted to their specific territory.

So we need solutions allowing authorities to secure electronic evidence in the cloud.

The question of jurisdiction in cyberspace was a priority of the Dutch Presidency of the EU Council in the first half of 2016. It resulted in a set of Council conclusions in June 2016. The European Commission has been asked to submit concrete proposals by mid-2017.

At the Council of Europe in 2014 the parties to the Budapest Convention on Cybercrime – currently comprising 41 European states as well as Australia, Canada, Dominican Republic, Israel, Japan, Mauritius, Panama, Sri Lanka and USA – established a working group to identify ‘solutions on criminal justice access to evidence stored in the cloud and in foreign jurisdictions’.

Parties should implement a set of practical measures to render mutual legal assistance more efficient – for example, through allocation of resources, streamlining of procedures or the establishment of emergency procedures. There are doubts that MLA is suitable to secure volatile electronic evidence. Nevertheless, it remains the most widely accepted means to obtain evidence from other jurisdictions while protecting the rights of individuals and the sovereignty of states.

Domestic production orders to request subscriber information directly from service providers should apply not only to those providers with a seat in the territory of a criminal justice authority but also those based elsewhere who offer a service in that territory. The main difficulty is to determine when a service provider is sufficiently connected to a territory to bring the provider under the jurisdiction of the authorities of that territory. The rationale is that subscriber details are the information that is the most often sought in a criminal investigation. European authorities are already sending more than 100,000 requests a year directly to companies such as Apple, Google, Facebook, Microsoft, Twitter or Yahoo on an uncertain legal basis, raising data protection and other concerns.

There should be more consistent implementation of Article 18 of the Convention, domestic rules on the production of subscriber information. Currently, rules vary greatly between parties to this treaty, including between members of the European Union.

Greater practical measures are needed to facilitate cooperation between criminal justice authorities and service providers across borders. Examples include online tools with information on provider policies and procedural powers, standardised request forms and regular exchanges between the Cybercrime Convention Committee and major providers.

Parties should negotiate a protocol to the Convention with additional options for more efficient mutual legal assistance and for cooperation with providers and with rules and limitations on cross-border access to data, data protection and other safeguards.

While these recommendations received broad support from the Cybercrime Convention Committee in its session last month, talks continue. With the European Union also addressing these issues, the Committee coordinates closely with the European Commission. It is expected that the Committee will make a final decision, including on the preparation of a protocol, by June 2017. The solutions aim to adapt the agreed framework of the Budapest Convention to meet the challenges of cloud computing.

In a fast-changing world, common solutions with clear rule-of-law safeguards are preferable to unilateral solutions – otherwise a ‘jungle’ of diverse approaches presents risks for inter-state relations and the rights of individuals.

Published in Europe's World at http://europesworld.org/2016/12/02/evidence-cloud-rule-law-cyberspace-avoiding-jungle/#.WE7UD4WcFPY

It is taking place today, at Eurojust, the launching meeting of the European Judicial Cybercrime Network.

This network brings together representatives of the Public Prosecutors' Offices (in some cases, judicial representatives) of the Member States of the European Union, specialized in cybercrime issues. Its purpose is to facilitate the exchange of information on cybercrime and digital evidence, providing a forum for sharing of good practices, legislative developments and jurisprudence. The network is also a channel of dialogue available for the coordination of investigations in concrete cases.

It was approved, during the XIV Meeting of Prosecutors Generals of the Portuguese-Speaking Countries (held in Lisbon last 13-14 October), the establishment of the Cybercrime and Digital Evidence Forum. The decision was made by Prosecutors General of Angola, Brazil, Cape Verde, Guinea-Bissau, Mozambique, Portugal, Sao Tome and Principe and Timor-Leste, and also by representatives of the Prosecution Service of Macau, which are gathered in Lisbon.

Behind the creation of this forum it was the recognition that language is one of the last frontiers of the Internet, hence the need to strengthen cooperation at this respect among countries sharing the same language.

The Portuguese Public Portuguese Service announced yesterday (http://cibercrime.ministeriopublico.pt/en) that gathered, in Lisbon, the General Assembly of AIAMP (Associação Ibero Americana de Ministérios Públicos / Ibero-American Association of Public Prosecutors) approved the establishment of CiberRede / CiberRed, a network of Public Prosecutors specialised on cybercrime.

This network aims to develop the relationship between - Ibero American public prosecutors in matters of cybercrime and obtaining digital evidence and also to allow the exchange of experiences and good practices, facilitating, in concrete cases, cooperation between different countries.

CiberRede / CiberRed is a result of the adoption, by AIAMP, of an initiative of the Portuguese Prosecution Service, who is also responsible for the coordination of the network.

AIAMP brings together the Prosecution Services of 21 countries from the Ibero-American space, including Portugal and Spain. At the present date, 17 out of 21 Prosecution Services have already designated representatives to CiberRede / CiberRed.

Some of these countries are also Parties to the Budapest Convention: besides Portugal and Spain, also the Dominican Republic and Panama. Some other, have been invited to accede: Argentina, Chile, Colombia, Costa Rica, Mexico,

Paraguay and Peru.

The Portuguese Public Portuguese Service announced yesterday (http://cibercrime.ministeriopublico.pt/en) that gathered, in Lisbon, the General Assembly of AIAMP (Associação Ibero Americana de Ministérios Públicos / Ibero-American Association of Public Prosecutors) approved the establishment of CiberRede / CiberRed, a network of Public Prosecutors specialised on cybercrime.

This network aims to develop the relationship between - Ibero American public prosecutors in matters of cybercrime and obtaining digital evidence and also to allow the exchange of experiences and good practices, facilitating, in concrete cases, cooperation between different countries.

CiberRede / CiberRed is a result of the adoption, by AIAMP, of an initiative of the Portuguese Prosecution Service, who is also responsible for the coordination of the network.

AIAMP brings together the Prosecution Services of 21 countries from the Ibero-American space, including Portugal and Spain. At the present date, 17 out of 21 Prosecution Services have already designated representatives to CiberRede / CiberRed.

Some of these countries are also Parties to the Budapest Convention: besides Portugal and Spain, also the Dominican Republic and Panama. Some other, have been invited to accede: Argentina, Chile, Colombia, Costa Rica, Mexico, Paraguay and Peru.

Like in previous years, this Monograph is now available as "print on demand" (electronic or printed format) for those interested in purchasing it separately, without having to buy all the six volumes of the "International Encyclopaedia for Cyber Law"

This edition contains a total of 416 pages and is updated until February 2016. It is currently the only available book in Mexico on the subject published in English. It contains a general introduction; statistics and background of the political system, population and geography; telecommunications infrastructure; statistics and current data on information technology, broadband and telecommunications investment; electronic commerce; domain names; competitiveness and e-government. Likewise, this book is divided into nine main areas of practice with different chapters and sub-sections, and a final section of conclusions as follows:

I. Regulation of the Information Technology and Communications Market contains the legal and regulatory framework of the telecommunications sector, which includes an exhaust analysis of the Federal Law on Telecommunications and Broadcasting and the activities of the national regulatory authority IFT; an analysis of the competition framework in telecommunications under the current laws and treaties and the activities and fines established by the Antitrust regulator Cofece. This section also includes a revision of the rules on standardization, certification and homologation of telecommunications equipment.

II. Protection of Intellectual Property in the ICT Sector includes a revision of the national rules on copyright in the area of ICT, legal protection of software, databases, computer chips, trademark and trade scheme licenses, the current legal framework of Internet domain name registration, including the domain name disputes administered by WIPO and a revision of the Anti-Counterfeiting Agreement (ACTA) and its signature by the Mexican authorities.

III. ICT Contracts incorporates an analysis of the legal framework applicable to software, government and electronic contracts.

IV. Electronic Transactions includes an analysis of the rules for the formation of electronic agreements, the regulation of electronic commerce, electronic signatures and certification service providers in the following sectors: commerce, consumers, financial & banking, administrative procedures and tax and fiscal obligations; a revision of the rules on preservation of data messages, the rules on applicable law and jurisdiction for consumers, unsolicited communications (spam) and marketing practices and a revision of the status of national digital identity cards and online banking statistics.

V. Extra-Contractual Liability incorporates an analysis of the rules on non-contractual liability, negligence damage and redress and liability of network operators and Internet service providers.

VI. Online Legal Proceedings includes an analysis of the legal and administrative framework on online trial proceedings, the national online justice system and the sanctions imposed by the Federal Tribunal of Fiscal and Administrative Justice.

VII. Privacy and Data Protection incorporates an analysis of the constitutional reforms in the area of privacy an data protection, of Federal and State legislation on data protection, including an exhaust revision of the provisions of the Federal Law on Protection of Personal Data in Possession of Private Parties (LFPDPPP) and its Regulation and each of the instruments and guidelines on data protection issued by the national data protection authority INAI; the fines and sanctions against data controllers and data processors established by INAI; analysis of the jurisprudence and case law on privacy and data protection issued by the Supreme Court of Justice and Federal Tribunals and Internet industry related studies and statistics on data protection.

VIII. Transparency and Access to Government Information includes an analysis of the constitutional reform on access to information and the Federal Law of Transparency and Access to Public Government Information and Data Protection (FLTAPGIDP), state laws, information on the electronic system for access to information requests and relevant statistics on access to information from the national authority INAI.

IX. Computer and Internet related Crime, includes an analysis of the substantive provisions of the Federal Criminal Code in the area of ICT, interception of private communications, geographic tracking of mobile equipment by law enforcement authorities and cooperation on criminal investigations, offenses related to computer systems, infringement of copyrights, offenses related against the security of the nation, use and recognition of digital evidence for criminal investigations under the new National Criminal Procedure Code, the substantive and procedural rules on criminal jurisdiction, law initiatives on cybercrime, activities on international cooperation and national statistics on cybercrime, state legislation, law enforcement activities against cybercrime; an analysis of the national strategy on cyber security of the federal government, which includes the work of the national CERT-MX of the Scientific Division of the Federal Police and awareness activities on cyber security.

X. Final Conclusions

This book contains a "Thematic Index" with keywords within 776 numbered paragraphs of the text, which enables the reader to search for specific terms related to the regulation of information technologies in Mexico.

It is worth mentioning that I will be presenting this book in conferences and seminars related to the regulation of ICT’s, as well as in Universities and academic circles in Mexico and Europe during 2016.

The seventh round of GENVAL mutual evaluations has been dedicated to the practical implementation and operation of the European polices on preventing and combating cybercrime.

This monitoring mechanism follows the adoption of Joint Action 97/827/JHA of 5 December 1997 to evaluate the application and implementation at national level of international undertakings in the fight against organised crime among EU member countries.

The seventh round started in 2014 and ended in 2016. The final draft of the mutual evaluations with the conclusions and recommendations contained in the country specific reports is now available.

The country specific evaluation reports finalised have been made public and could serve other countries to review their legislation and strategy on cybercrime: